Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 23/05/2016
Heure de l'analyse: 14:41
Fichier journal: MBAM.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.23.02
Base de données de rootkits: v2016.05.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: LDAC
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 390113
Temps écoulé: 9 min, 17 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 4
PUP.Optional.VDownloader, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\eoccbpoodnckjdnackiffhjfkogfhnhh, En quarantaine, [ed619346a7f2d6606a0c8428da2829d7],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [f05e01d85e3bdc5a4756b5ef3cc703fd],
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [fc52ddfcf6a3989e7e1dcbd97b8850b0],
PUP.Optional.ProductSetup, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\PRODUCTSETUP, En quarantaine, [65e944955b3efb3b09057d1401023fc1],
Valeurs du Registre: 5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[f05e01d85e3bdc5a4756b5ef3cc703fd]D4%26b[f05e01d85e3bdc5a4756b5ef3cc703fd]DIE%26cc[f05e01d85e3bdc5a4756b5ef3cc703fd]Dfr%26pa[f05e01d85e3bdc5a4756b5ef3cc703fd]DWincy%26cd[f05e01d85e3bdc5a4756b5ef3cc703fd]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[f05e01d85e3bdc5a4756b5ef3cc703fd]D1309742391%26a[f05e01d85e3bdc5a4756b5ef3cc703fd]Dwncy_ggbg_16_01%26os_ver[f05e01d85e3bdc5a4756b5ef3cc703fd]D10.0%26os[f05e01d85e3bdc5a4756b5ef3cc703fd]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[153909d0ff9a3402c5d81b893fc405fb]D4%26b[153909d0ff9a3402c5d81b893fc405fb]DIE%26cc[153909d0ff9a3402c5d81b893fc405fb]Dfr%26pa[153909d0ff9a3402c5d81b893fc405fb]DWincy%26cd[153909d0ff9a3402c5d81b893fc405fb]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[153909d0ff9a3402c5d81b893fc405fb]D1309742391%26a[153909d0ff9a3402c5d81b893fc405fb]Dwncy_ggbg_16_01%26os_ver[153909d0ff9a3402c5d81b893fc405fb]D10.0%26os[153909d0ff9a3402c5d81b893fc405fb]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[fc52ddfcf6a3989e7e1dcbd97b8850b0]D4%26b[fc52ddfcf6a3989e7e1dcbd97b8850b0]DIE%26cc[fc52ddfcf6a3989e7e1dcbd97b8850b0]Dfr%26pa[fc52ddfcf6a3989e7e1dcbd97b8850b0]DWincy%26cd[fc52ddfcf6a3989e7e1dcbd97b8850b0]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[fc52ddfcf6a3989e7e1dcbd97b8850b0]D1309742391%26a[fc52ddfcf6a3989e7e1dcbd97b8850b0]Dwncy_ggbg_16_01%26os_ver[fc52ddfcf6a3989e7e1dcbd97b8850b0]D10.0%26os[fc52ddfcf6a3989e7e1dcbd97b8850b0]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[c58904d59efbfb3bb3e8c5df3bc8718f]D4%26b[c58904d59efbfb3bb3e8c5df3bc8718f]DIE%26cc[c58904d59efbfb3bb3e8c5df3bc8718f]Dfr%26pa[c58904d59efbfb3bb3e8c5df3bc8718f]DWincy%26cd[c58904d59efbfb3bb3e8c5df3bc8718f]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[c58904d59efbfb3bb3e8c5df3bc8718f]D1309742391%26a[c58904d59efbfb3bb3e8c5df3bc8718f]Dwncy_ggbg_16_01%26os_ver[c58904d59efbfb3bb3e8c5df3bc8718f]D10.0%26os[c58904d59efbfb3bb3e8c5df3bc8718f]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.ProductSetup, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\PRODUCTSETUP|tb, 0X1F1T1V1G1G, En quarantaine, [65e944955b3efb3b09057d1401023fc1]
Données du Registre: 0
(Aucun élément malveillant détecté)
Dossiers: 0
(Aucun élément malveillant détecté)
Fichiers: 0
(Aucun élément malveillant détecté)
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.org
Date de l'analyse: 23/05/2016
Heure de l'analyse: 14:41
Fichier journal: MBAM.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.23.02
Base de données de rootkits: v2016.05.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: LDAC
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 390113
Temps écoulé: 9 min, 17 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 4
PUP.Optional.VDownloader, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\eoccbpoodnckjdnackiffhjfkogfhnhh, En quarantaine, [ed619346a7f2d6606a0c8428da2829d7],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [f05e01d85e3bdc5a4756b5ef3cc703fd],
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [fc52ddfcf6a3989e7e1dcbd97b8850b0],
PUP.Optional.ProductSetup, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\PRODUCTSETUP, En quarantaine, [65e944955b3efb3b09057d1401023fc1],
Valeurs du Registre: 5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[f05e01d85e3bdc5a4756b5ef3cc703fd]D4%26b[f05e01d85e3bdc5a4756b5ef3cc703fd]DIE%26cc[f05e01d85e3bdc5a4756b5ef3cc703fd]Dfr%26pa[f05e01d85e3bdc5a4756b5ef3cc703fd]DWincy%26cd[f05e01d85e3bdc5a4756b5ef3cc703fd]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[f05e01d85e3bdc5a4756b5ef3cc703fd]D1309742391%26a[f05e01d85e3bdc5a4756b5ef3cc703fd]Dwncy_ggbg_16_01%26os_ver[f05e01d85e3bdc5a4756b5ef3cc703fd]D10.0%26os[f05e01d85e3bdc5a4756b5ef3cc703fd]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[153909d0ff9a3402c5d81b893fc405fb]D4%26b[153909d0ff9a3402c5d81b893fc405fb]DIE%26cc[153909d0ff9a3402c5d81b893fc405fb]Dfr%26pa[153909d0ff9a3402c5d81b893fc405fb]DWincy%26cd[153909d0ff9a3402c5d81b893fc405fb]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[153909d0ff9a3402c5d81b893fc405fb]D1309742391%26a[153909d0ff9a3402c5d81b893fc405fb]Dwncy_ggbg_16_01%26os_ver[153909d0ff9a3402c5d81b893fc405fb]D10.0%26os[153909d0ff9a3402c5d81b893fc405fb]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[fc52ddfcf6a3989e7e1dcbd97b8850b0]D4%26b[fc52ddfcf6a3989e7e1dcbd97b8850b0]DIE%26cc[fc52ddfcf6a3989e7e1dcbd97b8850b0]Dfr%26pa[fc52ddfcf6a3989e7e1dcbd97b8850b0]DWincy%26cd[fc52ddfcf6a3989e7e1dcbd97b8850b0]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[fc52ddfcf6a3989e7e1dcbd97b8850b0]D1309742391%26a[fc52ddfcf6a3989e7e1dcbd97b8850b0]Dwncy_ggbg_16_01%26os_ver[fc52ddfcf6a3989e7e1dcbd97b8850b0]D10.0%26os[fc52ddfcf6a3989e7e1dcbd97b8850b0]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ggbg_16_01¶m1=1¶m2=f[c58904d59efbfb3bb3e8c5df3bc8718f]D4%26b[c58904d59efbfb3bb3e8c5df3bc8718f]DIE%26cc[c58904d59efbfb3bb3e8c5df3bc8718f]Dfr%26pa[c58904d59efbfb3bb3e8c5df3bc8718f]DWincy%26cd[c58904d59efbfb3bb3e8c5df3bc8718f]D2XzuyEtN2Y1L1QzuzytDtB0BtAyEyDyE0F0FzyyC0EyCtBtDtN0D0Tzu0StCyEyCzytN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyCzyyEzytC0Fzz0FtGyByE0BtDtG0AtDtCyBtGtBzzyDyCtGzz0AyEtDtA0E0F0D0FyDyEtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0C0Bzzzy0AtDtG0EyEyC0CtGyEzz0AtAtG0AtD0F0EtG0BzzyBzzzzzytA0D0CzyyCtC2QtN0A0LzuyE%26cr[c58904d59efbfb3bb3e8c5df3bc8718f]D1309742391%26a[c58904d59efbfb3bb3e8c5df3bc8718f]Dwncy_ggbg_16_01%26os_ver[c58904d59efbfb3bb3e8c5df3bc8718f]D10.0%26os[c58904d59efbfb3bb3e8c5df3bc8718f]DWindowsEn quarantaineB10En quarantaineBPro&p={searchTerms}, %4, %5
PUP.Optional.ProductSetup, HKU\S-1-5-21-1524715948-1456345808-3514040350-1001\SOFTWARE\PRODUCTSETUP|tb, 0X1F1T1V1G1G, En quarantaine, [65e944955b3efb3b09057d1401023fc1]
Données du Registre: 0
(Aucun élément malveillant détecté)
Dossiers: 0
(Aucun élément malveillant détecté)
Fichiers: 0
(Aucun élément malveillant détecté)
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)